Transient Denial of Service in Qualcomm Wireless Devices
CVE-2024-33070

7.5HIGH

Key Information:

Vendor: Qualcomm
Status: Qca6574au Firmware
Vendor: CVE Published:; 7 October 2024

What is CVE-2024-33070?

A vulnerability exists in Qualcomm wireless devices that can lead to a transient denial of service condition. This issue arises during the parsing of the Extensible Security Protocol Information Element (ESP IE) found in beacon and probe response frames. Successful exploitation of this vulnerability could interrupt network connectivity, leaving users temporarily unable to access network services. It is crucial for users and administrators of affected Qualcomm products to apply the necessary patches and updates to mitigate this risk.

References

https://docs.qualcomm.com/product/publicresources/securit...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 7, 2024